May 12, 2021

What is the difference between Flubot and Smishing? – Flubot and Smishing Solutions Part 3/7

What do FluBot and SMS phishing have in common? Shocking daily headlines, the Wild West of URLs, and one easy solution to stop both in their tracks.

If you have heard anything about the newest Flubot attack, you have probably also warned your parents and others not to trust or click any link from an SMS message. This is bad news for MNOs. Fraud has been on a steep incline since the COVID-19 pandemic began, and consumers, while under attack from the virus, are also under attack electronically and financially.

Smishing, malware, and the Flubot are dominating headlines. These attacks may seem like separate threats, but they have a lot in common: They both begin with an SMS message and end in devastating financial losses to subscribers. Mobile operators have responded by issuing warnings to consumers, yet they are missing an enormous opportunity to save the day and savour the glory (and press coverage) any hero should.  

What’s the Difference?

Smishing affects Android and Iphone users alike, for one. Even iPhone users who may be immune to Flubot are just as susceptible to smishing scams.Smishing does not compromise the phone in any way, and works solely by funneling the user to the phishing website. The Flubot on the other hand, is smishing plus a trojan malware bonus. The malware is more sophisticated and able to gather more information over time.  

Another key difference is that the Flubot is self-propagating and represents a real threat to mobile network stability and quality of service. Having the ability to send unlimited SMS messages from each infected handset, makes Flubot an added liability for network operators. Unchecked increase in message volumes could create outages and disrupt service.   

What they have in common

SMS as an attack vector: They both start with a malicious URL delivered via SMS, phish sensitive data, and end with innocent people losing their shirts. 

Highly lucrative and well-funded

Both attacks result in huge gains for the attacker. Even with a low percentage of successful attacks overall, the net gains can be enormous. We must keep in mind that in many cases, hackers are not shady characters in a basement, but rather highly sophisticated businesses such as professional ransomware firms who legitimately employ professionals to design and perpetrate such attacks. Their business model is defrauding the unsuspecting at the highest scale and efficiency possible. 

More information on the Cellusys SMS Anti-Phishing Solution

How SMS Anti-Phishing works:

The SMS Anti-Phishing Solution can be used in conjunction with an SMS firewall or as a standalone solution for SMS phishing and Flubot attacks. 

Every SMS is checked for the presence of a URL. Cellusys authenticates every URL against the Phishing Threat Intelligence Database registry. Even if the URL redirects multiple times across multiple domains, the destination URL will be authenticated:

The subscriber receives the message in one of three ways: 

  1. Verified Safe URLs: Subscriber can open the link 
  1. Potentially Dangerous URLs that cannot be verified: the link is replaced with a redirect link to a warning page explaining why the page is blocked, and urging the subscriber only to open with extreme caution. 
  1. Dangerous URLs that are known: the link is replaced with a redirect link to a warning page explaining why the page has been blocked.  

More Information about Fraud Insight solution for Malware 

Tags: , , , , ,

Categorised in:

May 12, 2021